Compare commits
6 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 jared
|
d4f159ee7c | ||
|
jared
|
61019418d3 | ||
|
jared
|
1a53718cc5 | ||
|
jared
|
afaeb64636 | ||
|
jared
|
b6ee45a842 | ||
|
jared
|
9c4dd5df51 |
@@ -155,6 +155,17 @@ def require_auth(f):
|
||||
return wrapper
|
||||
|
||||
|
||||
def require_admin(f):
|
||||
"""Decorator: require require_auth AND membership in the 'admin' group."""
|
||||
@wraps(f)
|
||||
def wrapper(*args, **kwargs):
|
||||
user = _get_user()
|
||||
if 'admin' not in user.get('groups', []):
|
||||
return jsonify({'error': 'Admin access required'}), 403
|
||||
return f(*args, **kwargs)
|
||||
return wrapper
|
||||
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
# Helpers
|
||||
# ---------------------------------------------------------------------------
|
||||
@@ -228,6 +239,7 @@ def inspector():
|
||||
|
||||
@app.route('/suppressions')
|
||||
@require_auth
|
||||
@require_admin
|
||||
def suppressions_page():
|
||||
user = _get_user()
|
||||
active = db.get_active_suppressions()
|
||||
@@ -323,6 +335,7 @@ def api_get_suppressions():
|
||||
|
||||
@app.route('/api/suppressions', methods=['POST'])
|
||||
@require_auth
|
||||
@require_admin
|
||||
def api_create_suppression():
|
||||
user = _get_user()
|
||||
data = request.get_json(silent=True) or {}
|
||||
@@ -371,6 +384,7 @@ def api_create_suppression():
|
||||
|
||||
@app.route('/api/suppressions/<int:sup_id>', methods=['DELETE'])
|
||||
@require_auth
|
||||
@require_admin
|
||||
def api_delete_suppression(sup_id: int):
|
||||
user = _get_user()
|
||||
db.deactivate_suppression(sup_id)
|
||||
@@ -612,7 +626,8 @@ def api_avatar():
|
||||
avatar_data = avatar_data.encode('latin-1')
|
||||
if avatar_data[:3] != b'\xFF\xD8\xFF':
|
||||
logger.warning(f'Non-JPEG avatar data for {username}')
|
||||
open(sentinel, 'w').close()
|
||||
with open(sentinel, 'w'):
|
||||
pass
|
||||
return '', 404
|
||||
|
||||
with open(cache_file, 'wb') as f:
|
||||
|
||||
@@ -182,7 +182,7 @@ def get_active_events(limit: int = 200, offset: int = 0) -> list:
|
||||
for r in rows:
|
||||
for k in ('first_seen', 'last_seen'):
|
||||
if r.get(k) and hasattr(r[k], 'isoformat'):
|
||||
r[k] = r[k].isoformat()
|
||||
r[k] = r[k].isoformat() + 'Z'
|
||||
return rows
|
||||
|
||||
|
||||
@@ -210,7 +210,7 @@ def get_recent_resolved(hours: int = 24, limit: int = 50) -> list:
|
||||
for r in rows:
|
||||
for k in ('first_seen', 'last_seen', 'resolved_at'):
|
||||
if r.get(k) and hasattr(r[k], 'isoformat'):
|
||||
r[k] = r[k].isoformat()
|
||||
r[k] = r[k].isoformat() + 'Z'
|
||||
return rows
|
||||
|
||||
|
||||
@@ -252,7 +252,7 @@ def get_active_suppressions() -> list:
|
||||
for r in rows:
|
||||
for k in ('created_at', 'expires_at'):
|
||||
if r.get(k) and hasattr(r[k], 'isoformat'):
|
||||
r[k] = r[k].isoformat()
|
||||
r[k] = r[k].isoformat() + 'Z'
|
||||
return rows
|
||||
|
||||
|
||||
@@ -267,7 +267,7 @@ def get_suppression_history(limit: int = 50) -> list:
|
||||
for r in rows:
|
||||
for k in ('created_at', 'expires_at'):
|
||||
if r.get(k) and hasattr(r[k], 'isoformat'):
|
||||
r[k] = r[k].isoformat()
|
||||
r[k] = r[k].isoformat() + 'Z'
|
||||
return rows
|
||||
|
||||
|
||||
|
||||
+6
-3
@@ -215,7 +215,10 @@ class TicketClient:
|
||||
resp.raise_for_status()
|
||||
data = resp.json()
|
||||
if data.get('success'):
|
||||
tid = data['ticket_id']
|
||||
tid = data.get('ticket_id')
|
||||
if not tid:
|
||||
logger.warning(f'Ticket API success but no ticket_id in response: {data}')
|
||||
return None
|
||||
logger.info(f'Created ticket #{tid}: {title}')
|
||||
return tid
|
||||
if data.get('existing_ticket_id'):
|
||||
@@ -377,7 +380,7 @@ class LinkStatsCollector:
|
||||
f'ssh -o StrictHostKeyChecking=accept-new -o ConnectTimeout=5 '
|
||||
f'-o BatchMode=yes -o LogLevel=ERROR '
|
||||
f'-o ServerAliveInterval=10 -o ServerAliveCountMax=2 '
|
||||
f'root@{ip} "{shell_cmd}"'
|
||||
f'root@{ip} {shlex.quote(shell_cmd)}'
|
||||
)
|
||||
output = self.pulse.run_command(ssh_cmd)
|
||||
if output is None:
|
||||
@@ -918,7 +921,7 @@ class NetworkMonitor:
|
||||
return {
|
||||
'hosts': hosts,
|
||||
'unifi': display_unifi,
|
||||
'updated': datetime.utcnow().isoformat(),
|
||||
'updated': datetime.utcnow().isoformat() + 'Z',
|
||||
}
|
||||
|
||||
# ------------------------------------------------------------------
|
||||
|
||||
+1
-1
@@ -220,7 +220,7 @@ function updateEventsTable(events, totalActive) {
|
||||
? GANDALF_CONFIG.ticket_web_url : 'http://t.lotusguild.org/ticket/';
|
||||
const ticket = e.ticket_id
|
||||
? `<a href="${lt.escHtml(ticketBase)}${lt.escHtml(String(e.ticket_id))}" target="_blank"
|
||||
class="ticket-link">#${e.ticket_id}</a>`
|
||||
class="ticket-link">#${lt.escHtml(String(e.ticket_id))}</a>`
|
||||
: '–';
|
||||
const supBadge = e.is_suppressed
|
||||
? `<span class="lt-badge badge-suppressed" title="Alert suppressed">🔕 sup</span>`
|
||||
|
||||
@@ -428,7 +428,7 @@ function renderInspector(data) {
|
||||
|
||||
const updEl = document.getElementById('inspector-updated');
|
||||
if (updEl && data.updated) {
|
||||
const updMs = new Date(data.updated + (data.updated.includes('Z') ? '' : 'Z'));
|
||||
const updMs = new Date(_toIso(data.updated));
|
||||
const ageMin = (Date.now() - updMs) / 60000;
|
||||
const timeStr = updMs.toLocaleTimeString();
|
||||
if (ageMin > 15) {
|
||||
|
||||
@@ -36,7 +36,6 @@
|
||||
{% block scripts %}
|
||||
<script>
|
||||
const escHtml = s => lt.escHtml(s);
|
||||
const _toIso = s => s ? s.replace(' UTC', 'Z').replace(' ', 'T') : s;
|
||||
|
||||
// ── Formatting helpers ────────────────────────────────────────────
|
||||
function fmtRate(bytesPerSec) {
|
||||
@@ -527,7 +526,7 @@ function expandAll() {
|
||||
// ── Stale data warning ────────────────────────────────────────────
|
||||
function checkLinksStale(updatedStr) {
|
||||
if (!updatedStr) return;
|
||||
const age = (Date.now() - new Date(updatedStr + (updatedStr.includes('Z') ? '' : 'Z'))) / 1000;
|
||||
const age = (Date.now() - new Date(_toIso(updatedStr))) / 1000;
|
||||
let banner = document.getElementById('links-stale-banner');
|
||||
if (age > 120) {
|
||||
if (!banner) {
|
||||
@@ -556,7 +555,7 @@ async function loadLinks() {
|
||||
}
|
||||
const updEl = document.getElementById('links-updated');
|
||||
if (updEl && data.updated) {
|
||||
updEl.textContent = 'Updated: ' + new Date(data.updated + (data.updated.includes('Z') ? '' : 'Z')).toLocaleTimeString();
|
||||
updEl.textContent = 'Updated: ' + new Date(_toIso(data.updated)).toLocaleTimeString();
|
||||
}
|
||||
renderLinks(data);
|
||||
checkLinksStale(data.updated);
|
||||
|
||||
@@ -51,7 +51,7 @@
|
||||
<label class="lt-label" for="s-reason">Reason <span class="required">*</span></label>
|
||||
<input type="text" class="lt-input" id="s-reason" name="reason"
|
||||
placeholder="e.g. Planned switch maintenance, replacing SFP on large1/enp43s0"
|
||||
required>
|
||||
required aria-required="true">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
Reference in New Issue
Block a user